Blocking arp only on a VIP
Hi everyone !
I am working on an LVS and for this, i need a common ip address which won't
answer ARP and a unique ip address which works normaly.
The problem is, i got only one NIC per node so... i setup this iptable rule :
iptables -t nat -A PREROUTING -p tcp -d 10.3.7.20 --dport 80 -j REDIRECT
--to-port 80
to prevent the arp answer. it works great but not with more than 1 ip
addresses. apparently, my other ip answers to arp.
Anyone have an idea how to work around this ?
in /proc, an arp_ignore is possible to set but it works for the whole NIC
which of course i don't want since my other IP doesn't works in this case....
Thank you :)
Reply to: